
Vulnerability Scanner for Ruby/Rails

By Christopher Mendla

April 12, 2016


Last Updated on November 30, 2019 by Christopher G Mendla


I found a tool called Brakeman that does vulnerability scans of Rails applications. It installs as a gem and you run it from the command line. I had some issues with it using up memory but found a way around it.

http://brakemanscanner.org/

The paid version is $500 per license. However, the free version works pretty well. I can just redirect the output to a text file from the DOS command prompt, e.g. brakeman > vulnerabilities.txt

You install Brakeman as a gem and then run Brakeman with any parameters from a command prompt. The results on the screen will give you an indication of any vulnerabilities. Keep in mind that this is not proof that your application is safe, but it will help point out issues.
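As an added example (not code from this post or from the Brakeman project), here is a small Ruby script that reads the JSON report Brakeman writes with its -f json option instead of the redirected plain text, lists the findings, and fails the build when any warning reaches a chosen confidence level. The embedded report is constructed, not a real scan; its field names are those of Brakeman's JSON output.

```ruby
# Added example (not from the original post): gate a build on Brakeman's JSON
# report instead of eyeballing the redirected text. Produce the report with:
#   brakeman -f json -q --no-exit-on-warn -o brakeman.json
require "json"

# Constructed sample in the shape of a Brakeman JSON report (not a real scan).
SAMPLE_REPORT = <<~'JSON'
  {
    "warnings": [
      { "warning_type": "SQL Injection", "confidence": "High",
        "file": "app/models/user.rb", "line": 12, "message": "Possible SQL injection",
        "code": "User.where(\"name = '#{params[:name]}'\")" },
      { "warning_type": "Cross-Site Scripting", "confidence": "Medium",
        "file": "app/views/posts/show.html.erb", "line": 4, "message": "Unescaped model attribute" },
      { "warning_type": "Mass Assignment", "confidence": "Weak",
        "file": "app/controllers/users_controller.rb", "line": 30, "message": "Parameters should be whitelisted" }
    ],
    "errors": []
  }
JSON

# Brakeman reports each warning's confidence as High, Medium or Weak.
CONFIDENCE_RANK = { "High" => 3, "Medium" => 2, "Weak" => 1 }.freeze

# Warnings whose confidence is at or above min_confidence.
def warnings_at_least(report_json, min_confidence)
  floor = CONFIDENCE_RANK.fetch(min_confidence)
  JSON.parse(report_json).fetch("warnings")
      .select { |w| CONFIDENCE_RANK.fetch(w["confidence"], 0) >= floor }
end

# Number of warnings per warning_type, for a one-line summary.
def count_by_type(report_json)
  JSON.parse(report_json).fetch("warnings")
      .group_by { |w| w["warning_type"] }.transform_values(&:size)
end

# Build gate: false if any warning reaches min_confidence, or if Brakeman
# recorded scan errors (an error means part of the app was never analysed).
def scan_passes?(report_json, min_confidence: "Medium")
  return false unless JSON.parse(report_json).fetch("errors", []).empty?
  warnings_at_least(report_json, min_confidence).empty?
end

report = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_REPORT # pass brakeman.json for a real report
warnings_at_least(report, "Medium").each do |w|
  puts "[#{w['confidence']}] #{w['warning_type']} #{w['file']}:#{w['line']} - #{w['message']}"
end
puts "by type: #{count_by_type(report)}"
puts(scan_passes?(report) ? "PASS" : "FAIL: review the warnings above")
```

Weak-confidence findings are still worth reading; the gate only decides which ones block a merge.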

